Kernel Mode Vulnerability in NVIDIA Windows GPU Display Driver
CVE-2017-6256

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Windows Gpu Display Driver
Vendor: CVE Published:; 28 July 2017

Summary

A vulnerability exists in the NVIDIA Windows GPU Display Driver within the kernel mode layer (nvlddmkm.sys). This occurs due to improper validation of a user-supplied value that acts as an index to an array when handled by the DxgkDdiEscape function. The exploitation of this flaw may lead to a denial of service or even potential escalation of privileges, enabling attackers to execute arbitrary code or manipulate system integrity.

Affected Version(s)

NVIDIA Windows GPU Display Driver All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4525

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 28, 2017
Vulnerability Reserved
Feb 23, 2017